Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915B536/E4C88972EB7411EABA0A9E48C4F9AE02/5056827E1D1711EB9918046AC4F9AE02.roa
File: 5056827E1D1711EB9918046AC4F9AE02.roa (raw, json)
Hash identifier: IurGq+/p74kj0cOYI7IIex6bTsVIQg2alWHiMdd13ts=
Subject key identifier: 89:18:37:36:FB:84:4C:50:66:3A:64:CD:ED:20:47:0F:84:DD:36:67
Certificate issuer: /CN=A915B536/serialNumber=8210D43756654B10705D5AB3F37BF01A78B78C47
Certificate serial: 08C7
Authority key identifier: 82:10:D4:37:56:65:4B:10:70:5D:5A:B3:F3:7B:F0:1A:78:B7:8C:47
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ghDUN1ZlSxBwXVqz83vwGni3jEc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915B536/E4C88972EB7411EABA0A9E48C4F9AE02/5056827E1D1711EB9918046AC4F9AE02.roa
Signing time: Sun 01 Mar 2026 15:43:08 +0000
ROA not before: Fri 04 Apr 2025 21:34:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30133
IP address blocks: 103.11.221.0/24 maxlen: 24
202.41.140.0/24 maxlen: 24
202.41.142.0/24 maxlen: 24
202.41.143.0/24 maxlen: 24
202.41.144.0/24 maxlen: 24
202.41.146.0/24 maxlen: 24
203.119.16.0/24 maxlen: 24
203.119.17.0/24 maxlen: 24
203.119.19.0/24 maxlen: 24
203.119.20.0/24 maxlen: 24
203.119.51.0/24 maxlen: 24
203.119.57.0/24 maxlen: 24
203.119.79.0/24 maxlen: 24
2001:dd8:13::/48 maxlen: 48
2001:dd8:14::/48 maxlen: 48
2001:dd8:15::/48 maxlen: 48
2001:dd8:17::/48 maxlen: 48
2001:dd8:18::/48 maxlen: 48
2001:dd8:19::/48 maxlen: 48
2001:dd8:1a::/48 maxlen: 48
2001:dd8:1c::/48 maxlen: 48
2001:dd8:1d::/48 maxlen: 48
2001:dd8:1e::/48 maxlen: 48
2001:dd8:22::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915B536/E4C88972EB7411EABA0A9E48C4F9AE02/ghDUN1ZlSxBwXVqz83vwGni3jEc.crl
rsync://rpki.apnic.net/member_repository/A915B536/E4C88972EB7411EABA0A9E48C4F9AE02/ghDUN1ZlSxBwXVqz83vwGni3jEc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ghDUN1ZlSxBwXVqz83vwGni3jEc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:22:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2247 (0x8c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915B536, serialNumber=8210D43756654B10705D5AB3F37BF01A78B78C47
Validity
Not Before: Apr 4 21:34:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a45e8b-3518
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:6f:a5:22:52:a5:33:16:0e:74:f5:65:94:8f:
58:b0:7b:8d:85:14:d2:65:74:d4:f5:f1:a5:7d:d4:
f6:59:99:d4:a7:a4:85:40:9e:51:72:63:48:20:9c:
4d:ad:ff:77:42:77:a5:2a:3e:c3:dd:44:29:00:09:
a3:bb:1d:fe:b4:11:83:86:43:0e:d7:6d:3e:c9:60:
89:8d:78:c0:84:57:b0:5f:13:61:af:3e:be:93:4c:
7a:77:86:6a:49:69:25:93:7a:c0:8f:56:d2:5a:93:
a7:4c:d6:a7:18:13:06:a1:be:d6:40:b5:7d:8b:14:
4a:71:0d:39:14:81:6c:6a:46:ac:3a:cd:c6:08:77:
5d:e6:d0:64:a5:b9:73:46:29:52:56:b5:33:f5:d0:
4a:df:90:15:95:c2:cc:f8:fe:60:41:09:d8:dc:71:
e6:85:f6:35:73:eb:8a:97:c8:16:cd:ae:21:57:28:
18:90:4b:af:db:8e:f2:bb:ce:ed:f7:3b:5c:ac:83:
3e:95:5d:fe:9e:30:54:a7:9e:76:43:47:5b:41:02:
c7:13:0b:46:00:26:07:7a:fc:0a:05:b7:2d:5d:1d:
99:10:43:05:30:99:59:39:42:2c:3c:ff:5c:22:38:
5c:5b:8c:d9:d2:f7:c4:11:01:35:68:00:de:bd:c4:
02:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:18:37:36:FB:84:4C:50:66:3A:64:CD:ED:20:47:0F:84:DD:36:67
X509v3 Authority Key Identifier:
keyid:82:10:D4:37:56:65:4B:10:70:5D:5A:B3:F3:7B:F0:1A:78:B7:8C:47
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915B536/E4C88972EB7411EABA0A9E48C4F9AE02/ghDUN1ZlSxBwXVqz83vwGni3jEc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ghDUN1ZlSxBwXVqz83vwGni3jEc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915B536/E4C88972EB7411EABA0A9E48C4F9AE02/5056827E1D1711EB9918046AC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.11.221.0/24
202.41.140.0/24
202.41.142.0-202.41.144.255
202.41.146.0/24
203.119.16.0/23
203.119.19.0-203.119.20.255
203.119.51.0/24
203.119.57.0/24
203.119.79.0/24
IPv6:
2001:dd8:13::-2001:dd8:15:ffff:ffff:ffff:ffff:ffff
2001:dd8:17::-2001:dd8:1a:ffff:ffff:ffff:ffff:ffff
2001:dd8:1c::-2001:dd8:1e:ffff:ffff:ffff:ffff:ffff
2001:dd8:22::/48
Signature Algorithm: sha256WithRSAEncryption
70:96:20:d5:2b:ed:a3:c0:69:44:1b:9c:70:9d:f1:fd:82:1e:
9f:0c:1b:a2:17:0a:a6:39:06:58:66:de:47:de:2e:15:7c:f5:
09:ac:64:ac:4f:a2:6e:38:37:58:91:32:f7:c6:ce:58:6d:80:
de:34:90:1c:f8:f4:c3:16:9e:8e:62:a1:8e:40:22:fe:a6:d7:
49:44:8f:71:8b:dc:b6:b7:ef:b8:5b:a3:fd:ae:2a:5d:40:af:
1c:33:be:5e:8a:6e:73:3f:b8:26:9d:08:2d:2e:77:be:2c:55:
fc:c7:15:34:54:f9:ff:ab:66:5b:3f:2c:c7:c9:fe:48:1a:15:
ce:00:f6:92:58:e7:58:32:82:61:8a:b5:c3:34:08:08:31:28:
1e:8f:11:27:f1:9a:01:9d:76:1e:d5:5b:80:54:f6:e2:7b:54:
f4:50:ef:a1:2d:c7:f1:e3:27:26:52:62:5d:44:cd:35:81:6c:
27:c1:77:4a:2b:be:8e:55:81:88:70:22:35:24:e0:62:bb:e2:
00:16:b0:f9:07:75:e2:16:ee:f8:37:46:41:51:89:ab:8a:e2:
9b:2e:d6:dd:b7:ea:07:cd:2d:99:40:12:07:6a:2e:03:ca:ff:
38:3a:9b:38:12:9c:52:06:a9:28:77:63:61:f7:0c:f8:c2:d9:
7a:6d:84:f2
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgICCMcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUI1MzYxMTAvBgNVBAUTKDgyMTBENDM3NTY2NTRCMTA3MDVENUFCM0YzN0JGMDFB
NzhCNzhDNDcwHhcNMjUwNDA0MjEzNDM0WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NWU4Yi0zNTE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzm+lIlKlMxYOdPVllI9YsHuNhRTSZXTU9fGlfdT2WZnUp6SFQJ5RcmNIIJxN
rf93QnelKj7D3UQpAAmjux3+tBGDhkMO120+yWCJjXjAhFewXxNhrz6+k0x6d4Zq
SWklk3rAj1bSWpOnTNanGBMGob7WQLV9ixRKcQ05FIFsakasOs3GCHdd5tBkpblz
RilSVrUz9dBK35AVlcLM+P5gQQnY3HHmhfY1c+uKl8gWza4hVygYkEuv247yu87t
9ztcrIM+lV3+njBUp552Q0dbQQLHEwtGACYHevwKBbctXR2ZEEMFMJlZOUIsPP9c
IjhcW4zZ0vfEEQE1aADevcQCuQIDAQABo4IC8DCCAuwwHQYDVR0OBBYEFIkYNzb7
hExQZjpkze0gRw+E3TZnMB8GA1UdIwQYMBaAFIIQ1DdWZUsQcF1as/N78Bp4t4xH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QjUzNi9FNEM4ODk3MkVC
NzQxMUVBQkEwQTlFNDhDNEY5QUUwMi9naERVTjFabFN4QndYVnF6ODN2d0duaTNq
RWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2doRFVOMVpsU3hCd1hWcXo4M3Z3R25pM2pFYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUI1MzYvRTRDODg5NzJFQjc0MTFFQUJBMEE5RTQ4QzRGOUFFMDIvNTA1NjgyN0Ux
RDE3MTFFQjk5MTgwNDZBQzRGOUFFMDIucm9hMIGuBggrBgEFBQcBBwEB/wSBnjCB
mzBMBAIAATBGAwQAZwvdAwQAyimMMAwDBAHKKY4DBADKKZADBADKKZIDBAHLdxAw
DAMEAMt3EwMEAMt3FAMEAMt3MwMEAMt3OQMEAMt3TzBLBAIAAjBFMBIDBwAgAQ3Y
ABMDBwEgAQ3YABQwEgMHACABDdgAFwMHACABDdgAGjASAwcCIAEN2AAcAwcAIAEN
2AAeAwcAIAEN2AAiMA0GCSqGSIb3DQEBCwUAA4IBAQBwliDVK+2jwGlEG5xwnfH9
gh6fDBuiFwqmOQZYZt5H3i4VfPUJrGSsT6JuODdYkTL3xs5YbYDeNJAc+PTDFp6O
YqGOQCL+ptdJRI9xi9y2t++4W6P9ripdQK8cM75eim5zP7gmnQgtLne+LFX8xxU0
VPn/q2ZbPyzHyf5IGhXOAPaSWOdYMoJhirXDNAgIMSgejxEn8ZoBnXYe1VuAVPbi
e1T0UO+hLcfx4ycmUmJdRM01gWwnwXdKK76OVYGIcCI1JOBiu+IAFrD5B3XiFu74
N0ZBUYmriuKbLtbdt+oHzS2ZQBIHai4Dyv84Ops4EpxSBqkod2Nh9wz4wtl6bYTy
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:38:17 2026 by rpki-client